Authentication is the act of establishing or confirming the identity of a user. One common use of authentication is access control. Access control attempts to detect and exclude unauthorized users from accessing a resource that is intended to be used only by authorized individuals. For example, resources that access control may be used to protect include a file, an application, a web site, an account of an individual, a software program, a physical object (e.g., a computer system, a physical facility, a safe, a room, a filing cabinet), and/or anything else that needs to be secure. Access to the resource is therefore controlled by an authentication process to establish, with some degree of confidence, the identity of the user attempting to access the resource.
Authentication is often achieved using one or more tests. When performing one or more of these tests, a user must submit the correct response(s) to be authenticated and access the resource. The correct response(s) may be initially defined when the user registers (e.g., creates a user profile) for access to the resource. Known authentication tests include passwords, personal identification numbers (PINs), and biometrics (e.g., fingerprints, voice recognition, retinal scans).